SG-3100 Sonos Discovery Issues w/ VLANS

Spearhead1

After troubleshooting I have hit a wall with my IoT network segmentation attempts. Here's how I am setup:

Home network 192.168.1.50 /24 , IoT 192.168.1.20

Home network firewall rules Source Home Network can reach any destination from any IPV4 address, port/protocol. Copied right form the standard LAN rule.

IoT network is blocked from reaching address of the firewall and a Pass rule with inverse match for the Home network .20 and the admin network.

I enabled mDNS Avahi for Home and IoT interfaces which got my Phillips Hue, Apple Airplay, and casted Audio to sonos speakers from my PC on the Home network.

I enabled UPnP and NAT-PNP port mapping on IoT and Home networks.

Everything works with the exception of the sonos app while on the home network trying to see the Sonos devices. I can send music from an app like spotify to the speakers and I can ping all the devices but I cannot get the actual Sonos App to view/pickup the devices.

Any ideas on how to fix this?

Thanks all!

@spearhead1 You need to proxy SSDP across the sub-nets. Look at udpbroadcastrelay. There is a thread covering that, you'll have to do a search. Avahi is for mDNS only.

stephenw10

Yeah pimd seems to be the way to go for Sonos from reports in that thread:
https://forum.netgate.com/topic/139218/sonos-speakers-and-applications-on-different-subnets-vlan-s

Steve

Spearhead1

@stephenw10 @jwj I agree it seems like that's the right direction. I spent all day working on it and after following direction got the PIMD logs to clearly show the established session between my iPhone on the "home" network and the sonos bridge on the "IoT" network but it still fails. If you all have any ideas let me know. I'm going to continue to read up on IGMP, Multicast, PIMD etc. It looks like there are a lot of contributing factors to work through.

Thanks!

@spearhead1 Many have been able to get pimd to work, I wasn't one of them. I'll admit I gave up quickly and then used udpbroadcastrelay. You will have to download the binary or compile it yourself and then run it with shellcmd.

https://forum.netgate.com/topic/155698/how-can-i-get-this-udp-relay-package-for-casting-across-vlans/9?_=1613356456919

It's very simple and just works. Not a sophisticated tool more of a blunt object ;)

More information is here: https://github.com/marjohn56/udpbroadcastrelay/blob/master/README.md

As always, installing software that is not a sanctioned pfsense package is not recommended. But, sometimes needs demand...

The rules for full sonos functionality depend on how you use sonos. Do you mount a smb share for a music library? You'll then need allow that traffic in addition to the normal sonos ports.

These should get you started. They are on my media vlan and allow controllers from my home vlan and access to my music library on a NAS in my server vlan.

You'll have to fiddle with them for your setup.

Screen Shot 2021-02-14 at 21.46.35.png

Screen Shot 2021-02-14 at 21.47.00.png

Screen Shot 2021-02-14 at 21.49.34.png

@spearhead1 said in SG-3100 Sonos Discovery Issues w/ VLANS:

I'm going to continue to read up on IGMP, Multicast, PIMD etc. It looks like there are a lot of contributing factors to work through.

:) Always better to understand than follow a recipe!

Spearhead1

@jwj totally agree. In the meantime I was able to get the app to work with a couple firewall rules so I can limp by for now. Appreciate all the advice!

Screen Shot 2021-02-14 at 9.38.37 PM.png